github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-10 16:08:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/Infisical/infisical

Browse Source
This commit is contained in:
Vladyslav Matsiiako
2022-11-26 16:55:34 -05:00
parent c1089497b7 b9665786c8
commit b12856363e
28 changed files with 300 additions and 246 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@@ -10,7 +10,7 @@
<a href="https://join.slack.com/t/infisical-users/shared_invite/zt-1kdbk07ro-RtoyEt_9E~fyzGo_xQYP6g">Slack</a> |
<a href="https://infisical.com/signup">Infisical Cloud</a> |
<a href="https://infisical.com/docs/self-hosting/overview">Self-Hosting</a> |
<a href="https://infisical.com/docs/gettingStarted">Docs</a> |
<a href="https://infisical.com/docs/getting-started/introduction">Docs</a> |
<a href="https://www.infisical.com">Website</a>
</h4>
@@ -31,11 +31,11 @@
**[Infisical](https://infisical.com)** is an open source, E2EE tool to help teams manage and sync environment variables across their development workflow and infrastructure. It's designed to be simple and take minutes to get going.
- **User-Friendly Dashboard** to manage your team's environment variables within projects
- **[Language-Agnostic CLI](https://infisical.com/docs/CLI)** that pulls and injects environment variables into your local workflow
- **[Complete control over your data](https://infisical.com/docs/self_host_overview)** - host it yourself on any infrastructure
- **[Language-Agnostic CLI](https://infisical.com/docs/cli/overview)** that pulls and injects environment variables into your local workflow
- **[Complete control over your data](https://infisical.com/docs/self-hosting/overview)** - host it yourself on any infrastructure
- **Navigate Multiple Environments** per project (e.g. development, staging, production, etc.)
- **Personal/Shared** scoping for environment variables
- **[Integrations](https://infisical.com/docs/Heroku)** with CI/CD and production infrastructure (Heroku available, more coming soon)
- **[Integrations](https://infisical.com/docs/integrations/heroku)** with CI/CD and production infrastructure (Heroku available, more coming soon)
- 🔜 **1-Click Deploy** to Digital Ocean and Heroku
- 🔜 **Authentication/Authorization** for projects (read/write controls soon)
- 🔜 **Automatic Secret Rotation**
@@ -49,12 +49,6 @@ And more.
To quickly get started, visit our [get started guide](https://infisical.com/docs/getting-started/introduction).
## Stay Up-to-Date
Infisical officially launched as v.1.0 on November 21st, 2022. However, a lot of new features are coming very quickly. Watch **releases** of this repository to be notified about future updates:
![infisical-star-github](https://github.com/Infisical/infisical/blob/main/.github/images/star-infisical.gif?raw=true)
## What's cool about this?
Infisical is simple, E2EE, and (soon to be) complete.
@@ -65,12 +59,10 @@ We're on a mission to make secret management more accessible to everyone — tha
If you care about efficiency and security, then Infisical is right for you.
Need any integrations or want a new feature? Feel free to [create an issue](https://github.com/Infisical/infisical/issues) or [contribute](https://infisical.com/docs/contributing) directly to the repository.
Need any integrations or want a new feature? Feel free to [create an issue](https://github.com/Infisical/infisical/issues) or [contribute](https://infisical.com/docs/contributing/overview) directly to the repository.
## Contributing
For full documentation, visit [infisical.com/docs](https://infisical.com/docs).
Whether it's big or small, we love contributions ❤️ Check out our guide to see how to [get started](https://infisical.com/docs/contributing/overview).
Not sure where to get started? [Book a free, non-pressure pairing sessions with one of our teammates](mailto:tony@infisical.com?subject=Pairing%20session&body=I'd%20like%20to%20do%20a%20pairing%20session!)!
@@ -89,6 +81,12 @@ Not sure where to get started? [Book a free, non-pressure pairing sessions with
We're currently in Public Alpha.
## Stay Up-to-Date
Infisical officially launched as v.1.0 on November 21st, 2022. However, a lot of new features are coming very quickly. Watch **releases** of this repository to be notified about future updates:
![infisical-star-github](https://github.com/Infisical/infisical/blob/main/.github/images/star-infisical.gif?raw=true)
## Integrations
We're currently setting the foundation and building integrations so secrets can be synced everywhere. Any help is welcome! :)

8
backend/src/helpers/rateLimiter.ts
View File

@@ -3,7 +3,7 @@ import rateLimit from 'express-rate-limit';
// 300 requests per 15 minutes
const apiLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 300,
max: 400,
standardHeaders: true,
legacyHeaders: false
});
@@ -11,7 +11,7 @@ const apiLimiter = rateLimit({
// 5 requests per hour
const signupLimiter = rateLimit({
windowMs: 60 * 60 * 1000,
max: 5,
max: 10,
standardHeaders: true,
legacyHeaders: false
});
@@ -19,7 +19,7 @@ const signupLimiter = rateLimit({
// 10 requests per hour
const loginLimiter = rateLimit({
windowMs: 60 * 60 * 1000,
max: 10,
max: 20,
standardHeaders: true,
legacyHeaders: false
});
@@ -27,7 +27,7 @@ const loginLimiter = rateLimit({
// 5 requests per hour
const passwordLimiter = rateLimit({
windowMs: 60 * 60 * 1000,
max: 5,
max: 10,
standardHeaders: true,
legacyHeaders: false
});

12
docs/getting-started/cli/installation.mdx → docs/cli/overview.mdx
View File

@@ -1,10 +1,12 @@
---
title: "Installation"
title: "Overview"
---
Prerequisite: [Setup an account](../../getting-started/dashboard/create-account) with Infisical Cloud or via self-hosted installation.
Prerequisite: Set up an account with [Infisical Cloud](https://app.infisical.com) or via a [self-hosted installation](/self-hosting/overview).
Follow the guide for your OS below to install the CLI.
The Infisical CLI provides a way to inject environment variables from the platform into your apps and infrastructure.
## Installation
<Tabs>
<Tab title="MacOS">
@@ -18,7 +20,7 @@ Follow the guide for your OS below to install the CLI.
infisical --version
```
To update:
## Updates
```bash
brew upgrade infisical
@@ -37,7 +39,7 @@ Follow the guide for your OS below to install the CLI.
infisical --version
```
To update:
## Updates
```bash
scoop update infisical

20
docs/cli/reference/commands.mdx Normal file
View File

@@ -0,0 +1,20 @@
---
title: "Commands"
---
## Commands
| Command | Description |
| ------- | -------------------------------------------------------------------- |
| `login` | Used to authenticate and set the logged in user. |
| `init` | Used to link a local project to the platform. |
| `run` | Used to inject envars from the platform into an application process. |
## Global options
| Option | Description |
| ----------------- | ----------------------------------------------- |
| `--help`, `-h` | List help for any command |
| `--debug`, `-d` | Enable verbose logging |
| `--domain` | Use to direct Infisical to a self-hosted domain |
| `--version`, `-v` | Print version information and quit |

13
docs/cli/reference/init.mdx Normal file
View File

@@ -0,0 +1,13 @@
---
title: "infisical init"
---
```bash
infisical init
```
## Description
Link a local project to the platform
The command creates a `infisical.json` file containing your Project ID.

13
docs/cli/reference/login.mdx Normal file
View File

@@ -0,0 +1,13 @@
---
title: "infisical login"
---
```bash
infisical login
```
## Description
Verify a user and save credentials to the system keyring.
To change the logged in user, run the command again to overwrite the previous login.

18
docs/cli/reference/run.mdx Normal file
View File

@@ -0,0 +1,18 @@
---
title: "infisical run"
---
```bash
infisical run [options] -- [your application start command]
```
## Description
Inject environment variables from the platform into an application process.
## Options
| Option | Description | Default value |
| ------------- | ----------------------------------------------------------------------------------------------------------- | ------------- |
| `--env` | Used to set the environment that secrets are pulled from. Accepted values: `dev`, `staging`, `test`, `prod` | `dev` |
| `--projectId` | Used to link a local project to the platform (required only if injecting via the service token method) | `None` |

0
docs/getting-started/cli/token.mdx → docs/cli/token.mdx
View File

21
docs/getting-started/cli/cli-guide.mdx → docs/cli/usage.mdx
View File

@@ -2,33 +2,28 @@
title: "Usage"
---
Prerequisite: [Install the CLI](../../getting-started/cli/installation)
Prerequisite: [Install the CLI](/cli/overview)
## Login
Login in using the `login` command in your terminal. Logging in is a one-time, post-installation action that authenticates you with the platform — to change users, you can run the command again.
## Log in to the Infisical CLI
```bash
infisical login
```
## Initialization
In the root of your local project, initialize Infisical and follow steps to connect your project to the platform.
## Initialize Infisical for your project
```bash
# move to your project
cd /path/to/project
# initialization
# initialize infisical
infisical init
```
## Injecting environment variables
To inject environment variables from the platform to your project, use the `run` command.
## Inject environment variables
```bash
# command
# inject environment variables into app
infisical run -- [your application start command]
```
@@ -39,7 +34,7 @@ Options you can specify:
| `--env` | Used to set the environment that secrets are pulled from. Accepted values: `dev`, `staging`, `test`, `prod` | `dev` |
| `--projectId` | Used to link a local project to the platform (required only if injecting via the service token method) | `None` |
Examples:
## Examples:
```bash
# example with node

27
docs/contributing/architecture.mdx
View File

@@ -1,27 +0,0 @@
---
title: "Architecture"
---
Infisical is an open-source collection of services for simple secret management built on top of Typescript, Javascript (ongoing conversion to TS), and Go. It's all dockerized and can be spun up with Docker Compose.
![architecture](../images/architecture-diagram2.png)
## NGINX
NGINX is a reverse-proxy and load balancer that sits in front of Infisical. It forwards requests to the frontend and backend services.
## Frontend
The frontend service renders the Web UI using Next.js.
## Backend
The backend service provides the back-of-house logic for secret management.
## Database
The (MongoDB) database stores all data and (encrypted) secrets.
## CLI
The platform-agnostic CLI allows you to inject environment variables from Infisical into apps and infrastructure.

1
docs/contributing/developing.mdx
View File

@@ -40,6 +40,7 @@ docker-compose -f docker-compose.dev.yml up
The docker-compose development environment consists of:
- nginx
- frontend
- backend
- mongo

55
docs/getting-started/cli/reference.mdx
View File

@@ -1,55 +0,0 @@
---
title: "Reference"
---
## Commands
| Command | Description | Options |
| ------- | -------------------------------------------------------------------- | ---------------------- |
| `login` | Used to authenticate and set the logged in user. |
| `init` | Used to link a local project to the platform. |
| `run` | Used to inject envars from the platform into an application process. | `--projectId`, `--env` |
## Global options
| Option | Description |
| ----------------- | ---------------------------------- |
| `--help`, `-h` | List help for any command |
| `--debug`, `-d` | Enable verbose logging |
| `--domain` | Use to direct Infisical to |
| `--version`, `-v` | Print version information and quit |
### Login
Used to authenticate and set the logged in user.
Post-authentication credentials are saved securely in your system keyring. Since only one user can be logged in at a time, to change the logged in user, run the command again to overwrite the previous login.
```bash
infisical login
```
### Init
Used to link a local project to the platform (cloud or self-hosted)
Run this command at the root of your local project. You will have to run this command for each new project you create locally.
```bash
infisical init
```
### Run
Used to inject environment variables from the platform into an application process.
```bash
infisical run [options] -- [your application start command]
```
Options you can specify:
| Option | Description | Default value |
| ------------- | ----------------------------------------------------------------------------------------------------------- | ------------- |
| `--env` | Used to set the environment that secrets are pulled from. Accepted values: `dev`, `staging`, `test`, `prod` | `dev` |
| `--projectId` | Used to link a local project to the platform (required only if injecting via the service token method) | `None` |

2
docs/getting-started/dashboard/create-account.mdx
View File

@@ -4,7 +4,7 @@ title: "Sign up"
## Self-hosted
If you're using a self-hosted installation, follow the [setup](/self-hosting/overview) then open your website URL `{WEBSITE_URL}/login`.
If you're using a self-hosted installation, follow the [setup](/self-hosting/overview) then open your site URL `{SITE_URL}`.
## Infisical Cloud

6
docs/getting-started/dashboard/integrations.mdx
View File

@@ -8,6 +8,6 @@ Were still early with integrations but youll be able to sync environment v
Check out integrations:
- Heroku
- Docker
- Docker Compose
- [Heroku](/integrations/heroku)
- [Docker](/integrations/docker)
- [Docker Compose](/integrations/docker-compose)

6
docs/getting-started/dashboard/token.mdx
View File

@@ -4,11 +4,11 @@ title: "Infisical Token"
An Infisical Token is needed to authenticate the CLI when there isn't an easy way to manually type in your login credentials to sync environment variables to your applications.
It grants read-only access to a particular environment and project for a specified amount of time; once the token expires, any CLI application that relies on it for authentication will be denied access to retrieve related secrets.
It grants read-only access to a particular environment and project for a specified amount of time.
This is useful in the following contexts:
- [Docker](../../integrations/docker)/[Docker-Compose](../../integrations/docker-compose) integration: An Infisical Token can be passed to a Docker container as an environment variable for the CLI to authenticate and pull its corresponding secrets.
- [Docker](/integrations/docker)/[Docker-Compose](/integrations/docker-compose) integration: An Infisical Token can be passed to a Docker container as an environment variable for the CLI to authenticate and pull its corresponding secrets.
## Generate an Infisical Token
@@ -19,5 +19,3 @@ It's possible to generate an Infisical token in the settings of a project.
![token name](../../images/project-token-name.png)
![token added](../../images/project-token-added.png)
To use the Infisical Token in the CLI, check out the docs for that [here](../../getting-started/cli/token).

54
docs/getting-started/features.mdx
View File

@@ -20,46 +20,24 @@ The CLI is used to inject environment variables into applications and infrastruc
- Inject environment variables.
- Inject environment variables into containers via service tokens for Docker.
## Integrations
We're still early with integrations but you'll be able to sync environment variables across your entire infrastructure from local development to CI/CD and production.
| Integration | Status |
| -------------- | ----------- |
| Docker | Available |
| Docker-Compose | Available |
| Kubernetes | Coming soon |
| Vercel | Coming soon |
| AWS | Coming soon |
| GCP | Coming soon |
| Azure | Coming soon |
| DigitalOcean | Coming soon |
| GitLab | Coming soon |
| CircleCI | Coming soon |
| TravisCI | Coming soon |
| GitHub Actions | Coming soon |
| Jenkins | Coming soon |
Missing an integration? Throw in a request.
## Roadmap
We're building the future of secret management, one that's comprehensive and accessible to all. Some high-level features we have in mind:
| Feature | Status |
| ------------------------------------- | --------------- |
| Integrations | Ongoing |
| More hosting options | Ongoing |
| 1-Click Deploys | Ongoing |
| Account recovery: Backup key | Ongoing |
| Account recovery: Member-assisted | Not yet started |
| Slack & MS teams integrations | Not yet started |
| Access logs | Not yet started |
| Version control for secrets | Not yet started |
| 2FA | Not yet started |
| Restricted IPs | Not yet started |
| Read/write access controls | Not yet started |
| Secret rotation | Not yet started |
| Comparing secrets across environments | Not yet started |
| Feature | Status |
| ------------------------------------- | ----------- |
| Integrations | Ongoing |
| More hosting options | Ongoing |
| 1-Click Deploys | Ongoing |
| Account recovery: Backup key | Ongoing |
| Account recovery: Member-assisted | Coming soon |
| Slack & MS teams integrations | Coming soon |
| Access logs | Coming soon |
| Version control for secrets | Coming soon |
| 2FA | Coming soon |
| Restricted IPs | Coming soon |
| Read/write access controls | Coming soon |
| Secret rotation | Coming soon |
| Comparing secrets across environments | Coming soon |
Interested in contributing? Check out the guide.
Interested in contributing? Check out the [guide](/contributing/overview).

46
docs/getting-started/introduction.mdx
View File

@@ -2,20 +2,36 @@
title: "Introduction"
---
<iframe
src="https://www.youtube.com/embed/JS3OKYU2078"
width="100%"
height="400"
></iframe>
Infisical is an [open-source](https://opensource.com/resources/what-open-source), [end-to-end encrypted](https://en.wikipedia.org/wiki/End-to-end_encryption) secret manager that enables teams to easily manage and sync their environment variables.
Infisical is an [open-source](https://opensource.com/resources/what-open-source), end-to-end encrypted (E2EE) secret manager that enables teams to easily manage and sync their environment variables.
Start syncing environment variables with [Infisical Cloud](https://app.infisical.com) or learn how to [host Infisical](/self-hosting/overview) yourself.
It stops [secret sprawl](https://www.gitguardian.com/glossary/secret-sprawl-definition) by providing a single source-of-truth for environment variables. It offers a dashboard for teams to manage environment variables and a platform-agnostic CLI to inject them into apps and infrastructure.
Some problems we solve:
- Leaking .env files to version control.
- Debugging missing environment variables.
- Sending environment variables over email.
Infisical uses [end-to-end encryption](https://en.wikipedia.org/wiki/End-to-end_encryption) to ensure that only designated team members can read their environment variables; unless intended for specific integrations, environment variables are always encrypted before being sent to the server.
<CardGroup cols={2}>
<Card
title="Quickstart"
href="/getting-started/quickstart"
icon="timer"
color="#ea5a0c"
>
Tour Infisical in a few minutes.
</Card>
<Card href="/cli/overview" title="CLI" icon="square-terminal" color="#16a34a">
Install the CLI to inject secrets into apps and infra.
</Card>
<Card
href="/self-hosting/overview"
title="Self-hosting"
icon="server"
color="#0285c7"
>
Learn how to configure and deploy Infisical.
</Card>
<Card
href="/integrations/heroku"
title="Integrations"
icon="plug"
color="#dc2626"
>
Explore integrations for Docker, AWS, Heroku, etc.
</Card>
</CardGroup>

43
docs/getting-started/quickstart.mdx Normal file
View File

@@ -0,0 +1,43 @@
---
title: "Quickstart"
---
This example demonstrates how to store and inject environment variables from [Infisical Cloud](https://app.infisical.com) into your application.
Note that the Infisical CLI is platform-agnostic and can inject environment variables across many tech stacks and frameworks.
## Set up Infisical Cloud
1. Login or create an accout at `app.infisical.com`.
2. Create a new project.
3. Populate your environment variables as in the image below.
![project quickstart](../images/project-quickstart.png)
## Set up the CLI
1. Follow the instructions to [install the CLI](/cli/overview).
2. Initialize Infisical for your project.
```bash
# move to your project
cd /path/to/project
# initialize infisical
infisical init
```
## Start your app with environment variables injected
```bash
# inject environment variables into app
infisical run -- [your application start command]
```
<Info>
Check out our [integrations](/integrations/overview) for injecting environment
variables into frameworks and platforms like Docker.
</Info>
Your app should be running with the environment variables injected.

11
docs/getting-started/security/statement.mdx
View File

@@ -1,11 +0,0 @@
---
title: "Statement"
---
As a secrets manager, we are deeply committed to enforcing the privacy and security of all users and data on the platform but acknowledge that it is virtually impossible to guarantee perfect security; unfortunately, even the most secure systems have vulnerabilities.
As part of our commitment, we do our best to maintain platform privacy and security, notify users if anything goes wrong, and rectify adverse situations immediately if anything happens. As Infisical grows, we will be adding more opt-in security measures to ensure better data protection and maintain trust within the growing community. With that, lets make the most simple and secure secrets management system out there!
Best,
Infisical Team

BIN
docs/images/project-quickstart.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 243 KiB

26
docs/integrations/docker-compose.mdx
View File

@@ -3,23 +3,26 @@ title: "Docker Compose"
---
### Step 1: Add CLI to your Dockerfile
Follow steps 1 through 3 on our [guide to configure Infisical CLI](/docker) in your Dockerfile.
Follow steps 1 through 3 on our [guide to configure Infisical CLI](../getting-started/cli/installation) in your Dockerfile.
### Step 2: Generate Infisical Token
In order for Infisical CLI to authenticate and retrieve your project's secrets without exposing your login credentials, you must generate a Infisical Token.
To learn how, visit [Infisical Token](../getting-started/cli/infisical-token). Once you have generated the token, keep it handy.
To learn how, visit [Infisical Token](../getting-started/cli/infisical-token). Once you have generated the token, keep it handy.
<Info>
If you have multiple services and they do not use the same secrets, you will have to generate a Infisical Token for each service.
If you have multiple services and they do not use the same secrets, you will
have to generate a Infisical Token for each service.
</Info>
### Step 3: Tell Docker Compose your Infisical Token
For each service you want to inject secrets into, set an environment variable called `INFISICAL_TOKEN` equal to a helpful identifier variable.
This will ensure that you can set Infisical Tokens for multiple services.
This will ensure that you can set Infisical Tokens for multiple services.
For the example below, we have set `INFISICAL_TOKEN_FOR_WEB` and `INFISICAL_TOKEN_FOR_API` as the `INFISICAL_TOKEN` for the corresponding service.
```yaml
# Example Docker Compose file
services:
@@ -36,13 +39,14 @@ services:
container_name: auledge-backend
environment:
- INFISICAL_TOKEN=${INFISICAL_TOKEN_FOR_API}
```
### 4: Export shell variables
Next, set the shell variables you defined in your compose file. This can be done manually or via your CI/CD environment. Once done, it will be used to populate the corresponding `INFISICAL_TOKEN`
in your Docker Compose file.
``` bash
### 4: Export shell variables
Next, set the shell variables you defined in your compose file. This can be done manually or via your CI/CD environment. Once done, it will be used to populate the corresponding `INFISICAL_TOKEN`
in your Docker Compose file.
```bash
#Example
# Token refers to the token we generated in step 2 for this service
@@ -51,6 +55,6 @@ export INFISICAL_TOKEN_FOR_WEB=<token>
# Token refers to the token we generated in step 2 for this service
export INFISICAL_TOKEN_FOR_API=<token>
# Then run your compose file in the same terminal.
# Then run your compose file in the same terminal.
docker-compose ...
```

6
docs/integrations/docker.mdx
View File

@@ -2,8 +2,6 @@
title: "Docker"
---
Prerequisite: [Infisical Token and How to Generate One](../../getting-started/dashboard/token).
## Step 1: Add CLI to your Dockerfile
<Tabs>
@@ -33,7 +31,7 @@ Prerequisite: [Infisical Token and How to Generate One](../../getting-started/da
## Step 2: Generate Infisical Token
In order for the CLI to authenticate and retrieve your project's secrets without requiring your login credentials, you must [generate an Infisical Token](../../getting-started/dashboard/token); keep it handy.
[Generate an Infisical Token](../../getting-started/dashboard/token) and keep it handy.
## Step 3: Set start command of your container
@@ -56,7 +54,7 @@ Required options:
The CLI looks out for an environment variable called the `INFISICAL_TOKEN` which you can set depending on where you run the CLI. If `INFISICAL_TOKEN` is detected by the CLI, it will authenticate and retrieve the environment variables which the token is authorized for.
```bash
docker run --env INFISICAL_TOKEN=<the-token-you-got-from-step-2>...
docker run --env INFISICAL_TOKEN=[the-token-you-got-from-step-2]...
```
Note: `INFISICAL_TOKEN` is the token you generated in step 2.

24
docs/integrations/overview.mdx Normal file
View File

@@ -0,0 +1,24 @@
---
title: "Overview"
---
Integrations allow environment variables to be synced across your entire infrastructure from local development to CI/CD and production.
Missing an integration? Throw in a [request](https://github.com/Infisical/infisical/issues).
| Integration | Status |
| ---------------------------------------------- | ----------- |
| [Docker](/integrations/docker) | Available |
| [Docker-Compose](/integrations/docker-compose) | Available |
| [Heroku](/integrations/heroku) | Available |
| Kubernetes | Coming soon |
| Vercel | Coming soon |
| AWS | Coming soon |
| GCP | Coming soon |
| Azure | Coming soon |
| DigitalOcean | Coming soon |
| GitLab | Coming soon |
| CircleCI | Coming soon |
| TravisCI | Coming soon |
| GitHub Actions | Coming soon |
| Jenkins | Coming soon |

96
docs/mint.json
View File

@@ -35,17 +35,22 @@
],
"navigation": [
{
"group": "Platform",
"group": " ",
"pages": [
"getting-started/introduction",
"getting-started/features",
{
"group": "Overview",
"pages": [
"getting-started/introduction",
"getting-started/quickstart",
"getting-started/features"
]
},
{
"group": "Security",
"pages": [
"getting-started/security/overview",
"getting-started/security/data-model",
"getting-started/security/mechanics",
"getting-started/security/statement"
"security/overview",
"security/data-model",
"security/mechanics"
]
},
{
@@ -56,49 +61,56 @@
"getting-started/dashboard/project",
"getting-started/dashboard/integrations",
"getting-started/dashboard/token"
]
]
},
{
"group": "Command Line",
"group": "CLI",
"pages": [
"getting-started/cli/installation",
"getting-started/cli/cli-guide",
"getting-started/cli/token",
"getting-started/cli/reference"
"cli/overview",
"cli/usage",
{
"group": "Reference",
"pages": [
"cli/reference/commands",
"cli/reference/login",
"cli/reference/init",
"cli/reference/run"
]
}
]
}
]
},
{
"group": "Integrations",
"pages": [
"integrations/heroku",
"integrations/docker",
"integrations/docker-compose"
]
},
{
"group": "Self-hosting",
"pages": [
"self-hosting/overview",
{
"group": "Deployments",
"pages": ["self-hosting/deployments/linux"]
},
{
"group": "Configuration",
"pages": ["self-hosting/configuration/envars"]
"group": "Integrations",
"pages": [
"integrations/overview",
"integrations/heroku",
"integrations/docker",
"integrations/docker-compose"
]
},
{
"group": "Self-hosting",
"pages": [
"self-hosting/overview",
{
"group": "Deployments",
"pages": ["self-hosting/deployments/linux"]
},
{
"group": "Configuration",
"pages": ["self-hosting/configuration/envars"]
}
]
},
{
"group": "Contributing",
"pages": [
"contributing/overview",
"contributing/code-of-conduct",
"contributing/developing"
]
}
]
},
{
"group": "Contributing",
"pages": [
"contributing/overview",
"contributing/code-of-conduct",
"contributing/developing",
"contributing/architecture"
]
}
],
"backgroundImage": "/images/background.png"

0
docs/getting-started/security/data-model.mdx → docs/security/data-model.mdx
View File

0
docs/getting-started/security/mechanics.mdx → docs/security/mechanics.mdx
View File

10
docs/getting-started/security/overview.mdx → docs/security/overview.mdx
View File

@@ -18,3 +18,13 @@ In subsequent sections, we refer:
- To users uploading their secrets to Infisical as “senders” and those receiving secrets as “receivers". For instance, if Bob and Alice are both enrolled in a project and Bob adds new secrets to the project to be pulled by Alice, then Bob is considered to be the sender and Alice the receiver.
- To any activity involving uploading or modifying secrets to Infisical as "pushing" and fetching secrets from Infisical as "pulling."
## Statement
As a secrets manager, we are deeply committed to enforcing the privacy and security of all users and data on the platform but acknowledge that it is virtually impossible to guarantee perfect security; unfortunately, even the most secure systems have vulnerabilities.
As part of our commitment, we do our best to maintain platform privacy and security, notify users if anything goes wrong, and rectify adverse situations immediately if anything happens. As Infisical grows, we will be adding more opt-in security measures to ensure better data protection and maintain trust within the growing community. With that, lets make the most simple and secure secrets management system out there!
Best,
Infisical Team

4
docs/self-hosting/overview.mdx
View File

@@ -17,6 +17,10 @@ Infisical Cloud also comes with some extra features unavailabe in the self-hoste
Infisical can be deployed on a Linux VM with docker-compose. We're rolling out more specific deployment options for DigitalOcean, AWS, GCP, and Azure soon.
Options:
- [Linux VM](/self-hosting/deployments/linux)
## Telemetry
Infisical collects telemetry data about general usage.